PT-2026-53735 · Undefined · Undefined

Jens Beimel · Published 2026-06-29 · Updated 2026-06-29 · CVE-2026-57919

CVSS v3.1: 7.8 (High)

Vector: AC:L/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:N

PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DACL that grants GENERIC_READ and GENERIC_WRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send crafted IPC messages to trigger execution of arbitrary commands with SYSTEM privileges via an untrusted search path. This allows privilege escalation by placing a malicious shadow.exe in a controlled working directory.

Fix

Incorrect Default Permissions

Untrusted Search Path


Weakness Enumeration

Related Identifiers

CVE-2026-57919

Affected Products

Undefined